commit 5329018: [Minor] lua_scanners - oletools - complete threats in extended mode
Carsten Rosenberg
c.rosenberg at heinlein-support.de
Mon Jan 28 12:35:04 UTC 2019
Author: Carsten Rosenberg
Date: 2019-01-26 10:28:51 +0100
URL: https://github.com/rspamd/rspamd/commit/532901848a31e533b4e8e14b34254dd43f005497
[Minor] lua_scanners - oletools - complete threats in extended mode
---
lualib/lua_scanners/oletools.lua | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lualib/lua_scanners/oletools.lua b/lualib/lua_scanners/oletools.lua
index f0fdd82b4..577b79863 100644
--- a/lualib/lua_scanners/oletools.lua
+++ b/lualib/lua_scanners/oletools.lua
@@ -167,8 +167,8 @@ local function oletools_check(task, content, digest, rule)
m_autoexec = 'A'
table.insert(analysis_keyword_table, a.keyword)
elseif a.type == 'Suspicious' then
- if rule.extended == true then m_suspicious = 'S' end
- if a.keyword ~= 'Base64 Strings' and a.keyword ~= 'Hex Strings'
+ if rule.extended == true or
+ (a.keyword ~= 'Base64 Strings' and a.keyword ~= 'Hex Strings')
then
m_suspicious = 'S'
table.insert(analysis_keyword_table, a.keyword)
More information about the Commits
mailing list